Adding support for generating more than 32 bytes at a time.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>

bn.c

@@ -418,7 +418,7 @@ bn256_random (bn256 *X)
 
   for (i = 0; i < 256/256; i++)
     {
-      rand = random_bytes_get ();
+      rand = random_bytes_get (32);
       for (j = 0; j < BN256_WORDS; j++)
 	X->word[i*BN256_WORDS+j] = ((uint32_t *)rand)[j];
       random_bytes_free (rand);

neug.c

@@ -62,7 +62,6 @@ static void ep_init (int mode)
 /* Here, we assume a little endian architecture.  */
 static int ep_process (int mode)
 {
-  
     if (ep_round == 0)
     {
         ep_init(mode);
@@ -259,13 +258,16 @@ uint32_t neug_get (int kick)
     return v;
 }
 
-void neug_wait_full (void)
+void neug_wait_full (void) //should be called only on core1
 {
     struct rng_rb *rb = &the_ring_buffer;
 
   //chopstx_mutex_lock (&rb->m);
-    while (!rb->full)
-        neug_task(); //chopstx_cond_wait (&rb->data_available, &rb->m);
+    while (!rb->full) {
+        printf("not full yet!\r\n");
+        //neug_task(); //chopstx_cond_wait (&rb->data_available, &rb->m);
+        sleep_ms(1);
+    }
   //chopstx_mutex_unlock (&rb->m);
 }
 

openpgp-do.c

@@ -1472,7 +1472,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data,
 
   compute_key_data_checksum (&kdi, prvkey_len, CKDC_CALC);
 
-  dek = random_bytes_get (); /* 32-byte random bytes */
+  dek = random_bytes_get (32); /* 32-byte random bytes */
   iv = dek + DATA_ENCRYPTION_KEY_SIZE;
   memcpy (pd->dek_encrypted_1, dek, DATA_ENCRYPTION_KEY_SIZE);
   memcpy (pd->dek_encrypted_2, dek, DATA_ENCRYPTION_KEY_SIZE);
@@ -2532,7 +2532,7 @@ gpg_do_keygen (uint8_t *buf)
 	{
 	  if (rnd)
 	    random_bytes_free (rnd);
-	  rnd = random_bytes_get ();
+	  rnd = random_bytes_get (32);
 	  r = ecc_check_secret_p256k1 (rnd, d1);
 	}
       while (r == 0);
@@ -2553,7 +2553,7 @@ gpg_do_keygen (uint8_t *buf)
     }
   else if (attr == ALGO_CURVE25519)
     {
-      rnd = random_bytes_get ();
+      rnd = random_bytes_get (32);
       memcpy (d, rnd, 32);
       random_bytes_free (rnd);
       d[0] &= 248;
@@ -2564,7 +2564,7 @@ gpg_do_keygen (uint8_t *buf)
     }
   else if (attr == ALGO_ED25519)
     {
-      rnd = random_bytes_get ();
+      rnd = random_bytes_get (32);
       
       mbedtls_sha512_context ctx;
       mbedtls_sha512_init(&ctx);
@@ -2584,11 +2584,11 @@ gpg_do_keygen (uint8_t *buf)
   else if (attr == ALGO_ED448)
     {
       shake_context ctx;
-      rnd = random_bytes_get ();
+      rnd = random_bytes_get (32);
       shake256_start (&ctx);
       shake256_update (&ctx, rnd, 32);
       random_bytes_free (rnd);
-      rnd = random_bytes_get ();
+      rnd = random_bytes_get (32);
       shake256_update (&ctx, rnd, 25);
       shake256_finish (&ctx, d, 2*57);
       random_bytes_free (rnd);
@@ -2598,10 +2598,10 @@ gpg_do_keygen (uint8_t *buf)
     }
   else if (attr == ALGO_X448)
     {
-      rnd = random_bytes_get ();
+      rnd = random_bytes_get (32);
       memcpy (d, rnd, 32);
       random_bytes_free (rnd);
-      rnd = random_bytes_get ();
+      rnd = random_bytes_get (32);
       memcpy (d+32, rnd, 24);
       prv = d;
       ecdh_compute_public_x448 (pubkey, prv);

openpgp.c

@@ -1465,7 +1465,7 @@ cmd_get_challenge (queue_t *ccid_comm)
     eventflag_signal (ccid_comm, EV_EXEC_ACK_REQUIRED);
 #endif
 
-  challenge = random_bytes_get ();
+  challenge = random_bytes_get (32);
   memcpy (res_APDU, challenge, len);
   res_APDU_size = len;
   GPG_SUCCESS ();

random.c

@@ -50,12 +50,14 @@ void random_fini (void)
  * Return pointer to random 32-byte
  */
 void random_bytes_free (const uint8_t *p);
-const uint8_t * random_bytes_get (void)
+const uint8_t * random_bytes_get (size_t len)
 {
-    static uint32_t return_word[RANDOM_BYTES_LENGTH/sizeof (uint32_t)];
-    neug_wait_full ();
-    memcpy(return_word, random_word, sizeof(return_word));
-    random_bytes_free((const uint8_t *)random_word);
+    static uint32_t return_word[512/sizeof(uint32_t)];
+    for (int ix = 0; ix < len; ix += RANDOM_BYTES_LENGTH) {
+        neug_wait_full ();
+        memcpy(return_word+ix/sizeof(uint32_t), random_word, RANDOM_BYTES_LENGTH);
+        random_bytes_free((const uint8_t *)random_word);
+    }
     return (const uint8_t *)return_word;
 }
 

random.h

@@ -2,7 +2,7 @@ void random_init (void);
 void random_fini (void);
 
 /* 32-byte random bytes */
-const uint8_t *random_bytes_get (void);
+const uint8_t *random_bytes_get (size_t);
 void random_bytes_free (const uint8_t *p);
 
 /* 8-byte salt */

sc_hsm.c

@@ -386,7 +386,7 @@ static int cmd_reset_retry() {
 }
 
 static int cmd_challenge() {
-    memcpy(res_APDU, random_bytes_get(), apdu.expected_res_size);
+    memcpy(res_APDU, random_bytes_get(apdu.expected_res_size), apdu.expected_res_size);
     res_APDU_size = apdu.expected_res_size;
     return SW_OK();
 }
@@ -437,11 +437,11 @@ static int cmd_initialize() {
         }
         p += tag_len;
     }
-    p = random_bytes_get();
+    p = random_bytes_get(32);
     memset(tmp_dkek, 0, sizeof(tmp_dkek));
     memcpy(tmp_dkek, p, IV_SIZE);
     if (dkeks == 0) {
-        p = random_bytes_get();
+        p = random_bytes_get(32);
         memcpy(tmp_dkek, p, 32);
         encrypt(session_sopin, tmp_dkek, tmp_dkek+IV_SIZE, 32);
         file_t *tf = search_by_fid(EF_DKEK, NULL, SPECIFY_EF);
@@ -1154,7 +1154,7 @@ static int cmd_key_gen() {
     if (!isUserAuthenticated)
         return SW_SECURITY_STATUS_NOT_SATISFIED();
    //at this moment, we do not use the template, as only CBC is supported by the driver (encrypt, decrypt and CMAC)
-    const uint8_t *aes_key = random_bytes_get();
+    const uint8_t *aes_key = random_bytes_get(32);
     file_t *fpk = file_new((KEY_PREFIX << 8) | key_id);
     int r = flash_write_data_to_file(fpk, aes_key, key_size);
     if (r != HSM_OK)